377997ba3d5b4ddcf27fbf288a5f9596bd8b70b77be3ce1775805765f06da65fN

Sharing

Copy URL Twitter E-mail

General

Target

377997ba3d5b4ddcf27fbf288a5f9596bd8b70b77be3ce1775805765f06da65fN
Size

532KB
MD5

181f0885069e4ef70b6308f5a5ad10b0
SHA1

705cb30311ef05ad96e7c8c2be8ae531e04a5c83
SHA256

377997ba3d5b4ddcf27fbf288a5f9596bd8b70b77be3ce1775805765f06da65f
SHA512

094ba458d97350fd72953dd121ad31409d627f214bb65ea6823d8fc68b587c00a1603968d0d6b86a15c64896d3176afe72e018fcb707194cfa521f716cb274e1
SSDEEP

12288:ZxMcucxYbPvsZBfrLuY7KqnYTOKQAoTn5vOgu5BBTI/z55p:nMtcxYbnsWY7KsqnQA+OguZKz5f

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
377997ba3d5b4ddcf27fbf288a5f9596bd8b70b77be3ce1775805765f06da65fN

Files

377997ba3d5b4ddcf27fbf288a5f9596bd8b70b77be3ce1775805765f06da65fN
.exe windows:4 windows x86 arch:x86

a55df3470b014b7d445c9f925a8cc1c5

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

PDB Paths

n:\

Imports

comctl32

ImageList_Read
ImageList_Replace
_TrackMouseEvent
ImageList_EndDrag
ImageList_DragMove
CreateUpDownControl
MakeDragList
DrawStatusText
DrawStatusTextW
ImageList_Copy
InitCommonControlsEx
ImageList_SetDragCursorImage
CreatePropertySheetPageA
ImageList_DragLeave
ImageList_GetIconSize
ImageList_GetImageRect
ImageList_SetImageCount
ImageList_Write
ImageList_Remove

kernel32

GetStartupInfoA
GetTimeZoneInformation
CompareStringW
InitializeCriticalSection
GetCurrentProcess
LeaveCriticalSection
GetStdHandle
GetCommandLineW
HeapDestroy
GetStringTypeA
GetFileSize
RtlUnwind
GetSystemTimeAsFileTime
GetVersion
TerminateProcess
TlsFree
ExitProcess
LoadLibraryExA
MultiByteToWideChar
TlsAlloc
lstrcmp
ReadFileEx
WaitForSingleObject
FlushFileBuffers
GetTickCount
InterlockedDecrement
CompareStringA
SetLastError
TryEnterCriticalSection
GetCurrencyFormatW
GetEnvironmentStrings
SetEnvironmentVariableA
GetLastError
InterlockedIncrement
GetCommandLineA
GetEnvironmentStringsW
UnhandledExceptionFilter
CreateMutexA
SetFilePointer
HeapFree
HeapCreate
GetPrivateProfileSectionNamesA
GetModuleHandleA
WriteFile
ExpandEnvironmentStringsW
GetProcAddress
FreeEnvironmentStringsW
GetLocalTime
VirtualQueryEx
QueryPerformanceCounter
GetModuleFileNameA
FindNextChangeNotification
VirtualFree
GetLocaleInfoA
IsBadWritePtr
SuspendThread
ReadFile
SetHandleCount
PulseEvent
GetCurrentProcessId
SetStdHandle
EnumDateFormatsA
HeapAlloc
GetWindowsDirectoryA
GetLongPathNameA
GetCPInfo
FreeEnvironmentStringsA
EnterCriticalSection
GetSystemTime
HeapReAlloc
OpenMutexA
CloseHandle
TlsGetValue
LCMapStringA
FileTimeToSystemTime
GetLocaleInfoW
DeleteCriticalSection
TlsSetValue
GetModuleFileNameW
GetCurrentThreadId
VirtualQuery
LCMapStringW
VirtualAlloc
InterlockedExchange
LoadLibraryA
GetFileType
GetCurrentThread
GetStringTypeW
WideCharToMultiByte
GetStartupInfoW

comdlg32

ChooseColorW
ChooseFontA

user32

CharToOemA
IsWindowEnabled
GetListBoxInfo
GetWindowLongW
RegisterClassExW
SetProcessDefaultLayout
GetKeyState
RegisterClassExA
EnableMenuItem
GetMessagePos
DdeGetLastError
ChangeMenuA
GetSubMenu
IsWindowVisible
LoadImageA
SetCapture
GetDlgItemInt
DeleteMenu
SetScrollPos
DdeInitializeW
SendNotifyMessageA
IsClipboardFormatAvailable
OffsetRect
GetKeyboardLayoutNameW
CreateIcon
ModifyMenuW
SendMessageTimeoutW
MapWindowPoints
GetKeyboardLayoutNameA
GetProcessDefaultLayout
MessageBoxW
CharToOemW
IsDialogMessage
CallWindowProcW
ToAsciiEx
SetClipboardViewer
TabbedTextOutA
ChildWindowFromPointEx
SubtractRect
IsDialogMessageA
RegisterClassA
DrawCaption
SetClassLongA

Sections

.text
Size: 148KB - Virtual size: 145KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 252KB - Virtual size: 248KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 108KB - Virtual size: 132KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 20KB - Virtual size: 16KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

a55df3470b014b7d445c9f925a8cc1c5

Headers

File Characteristics

PDB Paths

Imports

comctl32

kernel32

comdlg32

user32

Sections

.text Size: 148KB - Virtual size: 145KB

.rdata Size: 252KB - Virtual size: 248KB

.data Size: 108KB - Virtual size: 132KB

.rsrc Size: 20KB - Virtual size: 16KB

.text
Size: 148KB - Virtual size: 145KB

.rdata
Size: 252KB - Virtual size: 248KB

.data
Size: 108KB - Virtual size: 132KB

.rsrc
Size: 20KB - Virtual size: 16KB